Lucene search
K

5 matches found

NVD
NVD
added 2026/05/11 8:25 p.m.14 views

CVE-2026-42887

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.33.0, a stored cross-site scripting XSS vulnerability exists in the Login Page due to improper sanitization of the authLoginCustomMessage field of the /api/auth-settings endpoint. An attacker with administrative privileges c...

4.5CVSS0.00207EPSS
Exploits0References1
OSV
OSV
added 2026/05/08 5:47 a.m.4 views

BIT-JRE-2026-23865

An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...

5.3CVSS7.3AI score0.00141EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/15 5:26 p.m.7 views

EUVD-2026-22991

Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses a...

7.4CVSS5.8AI score0.00316EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.7 views

PT-2026-25331

Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...

8.2CVSS5.8AI score0.00263EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/01/08 10:36 p.m.7 views

WordPress Forminator Forms plugin <= 1.49.1 - Missing Authorization to Authenticated (Forminator User+) CSV Export vulnerability

Missing Authorization to Authenticated Forminator User+ CSV Export vulnerability discovered by type5afe in WordPress Plugin Forminator versions = 1.49.1...

5.3CVSS6.9AI score0.00262EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder